TARLOGIC's BLOG
Cybersecurity - Page 3
Cybersecurity articles with security analysis and ethical hacking technics information
CVE-2023-42115: Vulnerabilities without security patch in Exim
Exim has multiple critical vulnerabilities, including CVE-2023-4863, that allow attackers to run code on affected systems without authentication. Multiple vulnerabilities, one of t[...]
Read moreBluetooth vulnerabilities in smart locks
Detecting and mitigating Bluetooth vulnerabilities in smart locks is critical to securing these IoT devices A smart lock is an IoT device that facilitates access by opening a door [...]
Read moreHardware vulnerabilities in smart locks
We evaluate the hardware security level of the smart locks, disassembling one and analyzing the elements that make it up We got our hands on a Yale Linus smart lock, one that you c[...]
Read moreCVE-2023-4863: Heap buffer overflow in Google libwebp (WebP)
The vulnerability CVE-2023-4863 is found in the open source Libwebp library and affects browsers such as Mozilla, Chrome and Edge On September 6th, 2023 Apple Security Engineering [...]
Read moreCVE-2023-35082: Unauthenticated API Access Vulnerability in MobileIron Core
CVE-2023-35082 is a critical vulnerability that allows access to APIs in older versions of MobileIron Core Ivanti is having a tough time as another critical vulnerability has been [...]
Read moreCVE-2023-35078: Remote authentication bypass in Ivanti EPMM API
CVE-2023-35078 is a critical vulnerability that allows access to restricted functionality of Ivanti mobile management software A new critical vulnerability has been discovered in I[...]
Read moreCVE-2023-3519: 0-day vulnerability exploited the wild in Citrix NetScaler
On July 18, 2023, Citrix released information and updates to address a critical vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway. This vulnerability allows un[...]
Read moreCVE-2023-33299: Unauthenticated remote code execution vulnerability in FortiNAC
On June 19, 2023, Fortiguard published the information and updates to fix a critical vulnerability (CVE-2023-33299) in its FortiNAC software, which can allow an unauthorized access[...]
Read moreThe ins and outs of BlueTrust, a Bluetooth vulnerability
BlueTrust is a Bluetooth vulnerability that allows information about devices and users to be obtained and trust relationships to be traced BlueTrust is a mechanism for discovering [...]
Read moreCVE-2023-27997: Fortinet Fortigate SSL VPN Pre-Auth RCE critical vulnerability
Details have been disclosed about a critical vulnerability (CVE-2023-27997) affecting Fortinet Fortigate devices with exposed SSL VPN services. This vulnerability, which does not r[...]
Read more